1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.struts;
24  
25  import com.liferay.portal.LayoutPermissionException;
26  import com.liferay.portal.PortletActiveException;
27  import com.liferay.portal.RequiredRoleException;
28  import com.liferay.portal.UserActiveException;
29  import com.liferay.portal.kernel.log.Log;
30  import com.liferay.portal.kernel.log.LogFactoryUtil;
31  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
32  import com.liferay.portal.kernel.servlet.HttpMethods;
33  import com.liferay.portal.kernel.servlet.SessionErrors;
34  import com.liferay.portal.kernel.util.GetterUtil;
35  import com.liferay.portal.kernel.util.HttpUtil;
36  import com.liferay.portal.kernel.util.JavaConstants;
37  import com.liferay.portal.kernel.util.ParamUtil;
38  import com.liferay.portal.kernel.util.StringPool;
39  import com.liferay.portal.kernel.util.Validator;
40  import com.liferay.portal.liveusers.LiveUsers;
41  import com.liferay.portal.model.Layout;
42  import com.liferay.portal.model.LayoutConstants;
43  import com.liferay.portal.model.Portlet;
44  import com.liferay.portal.model.PortletPreferencesIds;
45  import com.liferay.portal.model.User;
46  import com.liferay.portal.model.UserTracker;
47  import com.liferay.portal.model.UserTrackerPath;
48  import com.liferay.portal.security.auth.PrincipalException;
49  import com.liferay.portal.security.permission.ActionKeys;
50  import com.liferay.portal.security.permission.PermissionChecker;
51  import com.liferay.portal.service.LayoutLocalServiceUtil;
52  import com.liferay.portal.service.PortletLocalServiceUtil;
53  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
54  import com.liferay.portal.service.permission.PortletPermissionUtil;
55  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
56  import com.liferay.portal.theme.ThemeDisplay;
57  import com.liferay.portal.util.PortalUtil;
58  import com.liferay.portal.util.PropsKeys;
59  import com.liferay.portal.util.PropsUtil;
60  import com.liferay.portal.util.PropsValues;
61  import com.liferay.portal.util.WebKeys;
62  import com.liferay.portlet.InvokerPortlet;
63  import com.liferay.portlet.PortletConfigFactory;
64  import com.liferay.portlet.PortletInstanceFactory;
65  import com.liferay.portlet.PortletPreferencesFactoryUtil;
66  import com.liferay.portlet.PortletURLImpl;
67  import com.liferay.portlet.RenderRequestFactory;
68  import com.liferay.portlet.RenderRequestImpl;
69  import com.liferay.portlet.RenderResponseFactory;
70  import com.liferay.portlet.RenderResponseImpl;
71  
72  import java.io.IOException;
73  
74  import java.util.Date;
75  import java.util.HashSet;
76  import java.util.Iterator;
77  import java.util.Map.Entry;
78  import java.util.Map;
79  import java.util.Set;
80  
81  import javax.portlet.PortletConfig;
82  import javax.portlet.PortletContext;
83  import javax.portlet.PortletMode;
84  import javax.portlet.PortletPreferences;
85  import javax.portlet.PortletRequest;
86  import javax.portlet.WindowState;
87  
88  import javax.servlet.ServletContext;
89  import javax.servlet.ServletException;
90  import javax.servlet.http.HttpServletRequest;
91  import javax.servlet.http.HttpServletResponse;
92  import javax.servlet.http.HttpSession;
93  import javax.servlet.jsp.PageContext;
94  
95  import org.apache.struts.action.ActionMapping;
96  import org.apache.struts.config.ForwardConfig;
97  import org.apache.struts.tiles.TilesRequestProcessor;
98  
99  /**
100  * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
101  *
102  * @author Brian Wing Shun Chan
103  * @author Jorge Ferrer
104  */
105 public class PortalRequestProcessor extends TilesRequestProcessor {
106 
107     public PortalRequestProcessor() {
108 
109         // auth.forward.last.path.
110 
111         _lastPaths = new HashSet<String>();
112 
113         _lastPaths.add(_PATH_PORTAL_LAYOUT);
114 
115         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
116 
117         // auth.public.path.
118 
119         _publicPaths = new HashSet<String>();
120 
121         _publicPaths.add(_PATH_C);
122         _publicPaths.add(_PATH_PORTAL_FLASH);
123         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
124         _publicPaths.add(_PATH_PORTAL_LAYOUT);
125         _publicPaths.add(_PATH_PORTAL_LOGIN);
126         _publicPaths.add(_PATH_PORTAL_LOGIN_CAPTCHA);
127         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
128         _publicPaths.add(_PATH_PORTAL_TCK);
129 
130         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
131 
132         _trackerIgnorePaths = new HashSet<String>();
133 
134         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
135     }
136 
137     public void process(
138             HttpServletRequest request, HttpServletResponse response)
139         throws IOException, ServletException {
140 
141         String path = super.processPath(request, response);
142 
143         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
144             path);
145 
146         if ((mapping == null) && !path.startsWith(_PATH_WSRP)) {
147             String lastPath = getLastPath(request);
148 
149             if (_log.isDebugEnabled()) {
150                 _log.debug("Last path " + lastPath);
151             }
152 
153             response.sendRedirect(lastPath);
154 
155             return;
156         }
157 
158         super.process(request, response);
159 
160         try {
161             if (isPortletPath(path)) {
162                 cleanUp(request);
163             }
164         }
165         catch (Exception e) {
166             _log.error(e, e);
167         }
168     }
169 
170     protected void addPaths(Set<String> paths, String propsKey) {
171         String[] pathsArray = PropsUtil.getArray(propsKey);
172 
173         for (String path : pathsArray) {
174             paths.add(path);
175         }
176     }
177 
178     protected void callParentDoForward(
179             String uri, HttpServletRequest request,
180             HttpServletResponse response)
181         throws IOException, ServletException {
182 
183         super.doForward(uri, request, response);
184     }
185 
186     protected HttpServletRequest callParentProcessMultipart(
187         HttpServletRequest request) {
188 
189         return super.processMultipart(request);
190     }
191 
192     protected String callParentProcessPath(
193             HttpServletRequest request, HttpServletResponse response)
194         throws IOException {
195 
196         return super.processPath(request, response);
197     }
198 
199     protected boolean callParentProcessRoles(
200             HttpServletRequest request, HttpServletResponse response,
201             ActionMapping mapping)
202         throws IOException, ServletException {
203 
204         return super.processRoles(request, response, mapping);
205     }
206 
207     protected void cleanUp(HttpServletRequest request) throws Exception {
208 
209         // Clean up portlet objects that may have been created by defineObjects
210         // for portlets that are called directly from a Struts path
211 
212         RenderRequestImpl renderRequestImpl =
213             (RenderRequestImpl)request.getAttribute(
214                 JavaConstants.JAVAX_PORTLET_REQUEST);
215 
216         if (renderRequestImpl != null) {
217             RenderRequestFactory.recycle(renderRequestImpl);
218         }
219 
220         RenderResponseImpl renderResponseImpl =
221             (RenderResponseImpl)request.getAttribute(
222                 JavaConstants.JAVAX_PORTLET_RESPONSE);
223 
224         if (renderResponseImpl != null) {
225             RenderResponseFactory.recycle(renderResponseImpl);
226         }
227     }
228 
229     protected void defineObjects(
230             HttpServletRequest request, HttpServletResponse response,
231             Portlet portlet)
232         throws Exception {
233 
234         String portletId = portlet.getPortletId();
235 
236         ServletContext servletContext = (ServletContext)request.getAttribute(
237             WebKeys.CTX);
238 
239         InvokerPortlet invokerPortlet = PortletInstanceFactory.create(
240             portlet, servletContext);
241 
242         PortletPreferencesIds portletPreferencesIds =
243             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
244                 request, portletId);
245 
246         PortletPreferences portletPreferences =
247             PortletPreferencesLocalServiceUtil.getPreferences(
248                 portletPreferencesIds);
249 
250         PortletConfig portletConfig = PortletConfigFactory.create(
251             portlet, servletContext);
252         PortletContext portletContext = portletConfig.getPortletContext();
253 
254         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
255             request, portlet, invokerPortlet, portletContext,
256             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
257 
258         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
259             renderRequestImpl, response, portletId, portlet.getCompanyId());
260 
261         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
262 
263         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
264     }
265 
266     protected void doForward(
267             String uri, HttpServletRequest request,
268             HttpServletResponse response)
269         throws ServletException {
270 
271         StrutsUtil.forward(uri, getServletContext(), request, response);
272     }
273 
274     protected void doInclude(
275             String uri, HttpServletRequest request,
276             HttpServletResponse response)
277         throws ServletException {
278 
279         StrutsUtil.include(uri, getServletContext(), request, response);
280     }
281 
282     protected StringBuilder getFriendlyTrackerPath(
283             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
284         throws Exception {
285 
286         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
287             return null;
288         }
289 
290         long plid = ParamUtil.getLong(request, "p_l_id");
291 
292         if (plid == 0) {
293             return null;
294         }
295 
296         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
297 
298         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
299             layout, themeDisplay);
300 
301         StringBuilder sb = new StringBuilder();
302 
303         sb.append(layoutFriendlyURL);
304 
305         String portletId = ParamUtil.getString(request, "p_p_id");
306 
307         if (Validator.isNull(portletId)) {
308             return sb;
309         }
310 
311         long companyId = PortalUtil.getCompanyId(request);
312 
313         Portlet portlet = PortletLocalServiceUtil.getPortletById(
314             companyId, portletId);
315 
316         if (portlet == null) {
317             String strutsPath = path.substring(
318                 1, path.lastIndexOf(StringPool.SLASH));
319 
320             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
321                 companyId, strutsPath);
322         }
323 
324         if ((portlet == null) || !portlet.isActive()) {
325             sb.append(StringPool.QUESTION);
326             sb.append(request.getQueryString());
327 
328             return sb;
329         }
330 
331         String namespace = PortalUtil.getPortletNamespace(portletId);
332 
333         FriendlyURLMapper friendlyURLMapper =
334             portlet.getFriendlyURLMapperInstance();
335 
336         if (friendlyURLMapper == null) {
337             sb.append(StringPool.QUESTION);
338             sb.append(request.getQueryString());
339 
340             return sb;
341         }
342 
343         PortletURLImpl portletURL = new PortletURLImpl(
344             request, portletId, plid, PortletRequest.RENDER_PHASE);
345 
346         Iterator<Map.Entry<String, String[]>> itr =
347             request.getParameterMap().entrySet().iterator();
348 
349         while (itr.hasNext()) {
350             Entry<String, String[]> entry = itr.next();
351 
352             String key = entry.getKey();
353 
354             if (key.startsWith(namespace)) {
355                 key = key.substring(namespace.length());
356 
357                 portletURL.setParameter(key, entry.getValue());
358             }
359         }
360 
361         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
362 
363         if (portletFriendlyURL != null) {
364             sb.append(portletFriendlyURL);
365         }
366         else {
367             sb.append(StringPool.QUESTION);
368             sb.append(request.getQueryString());
369         }
370 
371         return sb;
372     }
373 
374     protected String getLastPath(HttpServletRequest request) {
375         HttpSession session = request.getSession();
376 
377         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
378             WebKeys.THEME_DISPLAY);
379 
380         Boolean httpsInitial = (Boolean)session.getAttribute(
381             WebKeys.HTTPS_INITIAL);
382 
383         String portalURL = null;
384 
385         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
386             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
387 
388             portalURL = PortalUtil.getPortalURL(request, false);
389         }
390         else {
391             portalURL = PortalUtil.getPortalURL(request);
392         }
393 
394         StringBuilder sb = new StringBuilder();
395 
396         sb.append(portalURL);
397         sb.append(themeDisplay.getPathMain());
398         sb.append(_PATH_PORTAL_LAYOUT);
399 
400         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
401             if (request.getRemoteUser() != null) {
402 
403                 // If we do not forward by last path and the user is logged in,
404                 // forward to the user's default layout to prevent a lagging
405                 // loop
406 
407                 sb.append(StringPool.QUESTION);
408                 sb.append("p_l_id");
409                 sb.append(StringPool.EQUAL);
410                 sb.append(LayoutConstants.DEFAULT_PLID);
411             }
412 
413             return sb.toString();
414         }
415 
416         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
417 
418         if (lastPath == null) {
419             return sb.toString();
420         }
421 
422         Map<String, String[]> parameterMap = lastPath.getParameterMap();
423 
424         // Only test for existing mappings for last paths that were set when the
425         // user accessed a layout directly instead of through its friendly URL
426 
427         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
428             ActionMapping mapping =
429                 (ActionMapping)moduleConfig.findActionConfig(
430                     lastPath.getPath());
431 
432             if ((mapping == null) || (parameterMap == null)) {
433                 return sb.toString();
434             }
435         }
436 
437         StringBuilder lastPathSB = new StringBuilder();
438 
439         lastPathSB.append(portalURL);
440         lastPathSB.append(lastPath.getContextPath());
441         lastPathSB.append(lastPath.getPath());
442         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
443 
444         return lastPathSB.toString();
445     }
446 
447     protected boolean isPortletPath(String path) {
448         if ((path != null) &&
449             (!path.equals(_PATH_C)) &&
450             (!path.startsWith(_PATH_COMMON)) &&
451             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
452             (!path.startsWith(_PATH_PORTAL)) &&
453             (!path.startsWith(_PATH_WSRP))) {
454 
455             return true;
456         }
457         else {
458             return false;
459         }
460     }
461 
462     protected boolean isPublicPath(String path) {
463         if ((path != null) &&
464             (_publicPaths.contains(path)) ||
465             (path.startsWith(_PATH_COMMON)) ||
466             (path.startsWith(_PATH_WSRP))) {
467 
468             return true;
469         }
470         else {
471             return false;
472         }
473     }
474 
475     protected ActionMapping processMapping(
476             HttpServletRequest request, HttpServletResponse response,
477             String path)
478         throws IOException {
479 
480         if (path == null) {
481             return null;
482         }
483 
484         ActionMapping mapping = super.processMapping(request, response, path);
485 
486         if (mapping == null) {
487             String msg = getInternal().getMessage("processInvalid");
488 
489             _log.error("User ID " + request.getRemoteUser());
490             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
491             _log.error("Referer " + request.getHeader("Referer"));
492             _log.error("Remote address " + request.getRemoteAddr());
493 
494             _log.error(msg + " " + path);
495         }
496 
497         return mapping;
498     }
499 
500     protected HttpServletRequest processMultipart(HttpServletRequest request) {
501 
502         // Disable Struts from automatically wrapping a multipart request
503 
504         return request;
505     }
506 
507     protected String processPath(
508             HttpServletRequest request, HttpServletResponse response)
509         throws IOException {
510 
511         String path = GetterUtil.getString(
512             super.processPath(request, response));
513 
514         HttpSession session = request.getSession();
515 
516         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
517             WebKeys.THEME_DISPLAY);
518 
519         // Current users
520 
521         UserTracker userTracker = LiveUsers.getUserTracker(
522             themeDisplay.getCompanyId(), session.getId());
523 
524         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
525             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
526             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
527             (!_trackerIgnorePaths.contains(path))) {
528 
529             StringBuilder sb = null;
530 
531             try {
532                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
533                     sb = getFriendlyTrackerPath(path, themeDisplay, request);
534                 }
535             }
536             catch (Exception e) {
537                 _log.error(e, e);
538             }
539 
540             if (sb == null) {
541                 sb = new StringBuilder();
542 
543                 sb.append(path);
544                 sb.append(StringPool.QUESTION);
545                 sb.append(request.getQueryString());
546             }
547 
548             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
549 
550             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
551             userTrackerPath.setPath(sb.toString());
552             userTrackerPath.setPathDate(new Date());
553 
554             userTracker.addPath(userTrackerPath);
555         }
556 
557         String remoteUser = request.getRemoteUser();
558 
559         User user = null;
560 
561         try {
562             user = PortalUtil.getUser(request);
563         }
564         catch (Exception e) {
565         }
566 
567         // Last path
568 
569         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
570             boolean saveLastPath = ParamUtil.getBoolean(
571                 request, "saveLastPath", true);
572 
573             if (themeDisplay.isLifecycleResource() ||
574                 themeDisplay.isStateExclusive() ||
575                 themeDisplay.isStatePopUp() ||
576                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
577 
578                 saveLastPath = false;
579             }
580 
581             // Save last path
582 
583             if (saveLastPath) {
584 
585                 // Was a last path set by another servlet that dispatched to
586                 // the MainServlet? If so, use that last path instead.
587 
588                 LastPath lastPath = (LastPath)request.getAttribute(
589                     WebKeys.LAST_PATH);
590 
591                 if (lastPath == null) {
592                     lastPath = new LastPath(
593                         themeDisplay.getPathMain(), path,
594                         request.getParameterMap());
595                 }
596 
597                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
598             }
599         }
600 
601         // Authenticated users can always log out
602 
603         if (((remoteUser != null) || (user != null)) &&
604             (path.equals(_PATH_PORTAL_LOGOUT))) {
605 
606             return path;
607         }
608 
609         // Authenticated users can always extend or confirm their session
610 
611         if (((remoteUser != null) || (user != null)) &&
612             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
613              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
614 
615             return path;
616         }
617 
618         // Authenticated users can always agree to terms of use
619 
620         if (((remoteUser != null) || (user != null)) &&
621             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
622 
623             return path;
624         }
625 
626         // Authenticated users must still exist in the system
627 
628         if ((remoteUser != null) && (user == null)) {
629             return _PATH_PORTAL_LOGOUT;
630         }
631 
632         // Authenticated users must be active
633 
634         if ((user != null) && !user.isActive()) {
635             SessionErrors.add(request, UserActiveException.class.getName());
636 
637             return _PATH_PORTAL_ERROR;
638         }
639 
640         if (!path.equals(_PATH_PORTAL_RENDER_PORTLET)) {
641 
642             // Authenticated users should agree to Terms of Use
643 
644             if ((user != null) && !user.isAgreedToTermsOfUse()) {
645                 if (PropsValues.TERMS_OF_USE_REQUIRED) {
646                     return _PATH_PORTAL_TERMS_OF_USE;
647                 }
648             }
649 
650             // Authenticated users must have a current password
651 
652             if ((user != null) && user.isPasswordReset()) {
653                 return _PATH_PORTAL_CHANGE_PASSWORD;
654             }
655         }
656 
657         // Users must sign in
658 
659         if (!isPublicPath(path)) {
660             if (user == null) {
661                 SessionErrors.add(request, PrincipalException.class.getName());
662 
663                 return _PATH_PORTAL_LOGIN;
664             }
665         }
666 
667         ActionMapping mapping =
668             (ActionMapping)moduleConfig.findActionConfig(path);
669 
670         if (path.startsWith(_PATH_WSRP)) {
671             path = _PATH_WSRP;
672         }
673         else {
674             path = mapping.getPath();
675         }
676 
677         // Authenticated users must have at least one role
678 
679         if (user != null) {
680             try {
681 
682                 // FIX ME
683 
684                 if (false) {
685                     SessionErrors.add(
686                         request, RequiredRoleException.class.getName());
687 
688                     return _PATH_PORTAL_ERROR;
689                 }
690             }
691             catch (Exception e) {
692                 e.printStackTrace();
693             }
694         }
695 
696         // Define the portlet objects
697 
698         if (isPortletPath(path)) {
699             try {
700                 Portlet portlet = null;
701 
702                 long companyId = PortalUtil.getCompanyId(request);
703                 String portletId = ParamUtil.getString(request, "p_p_id");
704 
705                 if (Validator.isNotNull(portletId)) {
706                     portlet = PortletLocalServiceUtil.getPortletById(
707                         companyId, portletId);
708                 }
709 
710                 if (portlet == null) {
711                     String strutsPath = path.substring(
712                         1, path.lastIndexOf(StringPool.SLASH));
713 
714                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
715                         companyId, strutsPath);
716                 }
717 
718                 if ((portlet != null) && portlet.isActive()) {
719                     defineObjects(request, response, portlet);
720                 }
721             }
722             catch (Exception e) {
723                 request.setAttribute(PageContext.EXCEPTION, e);
724 
725                 path = _PATH_COMMON_ERROR;
726             }
727         }
728 
729         // Authenticated users must have access to at least one layout
730 
731         if (SessionErrors.contains(
732                 request, LayoutPermissionException.class.getName())) {
733 
734             return _PATH_PORTAL_ERROR;
735         }
736 
737         return path;
738     }
739 
740     protected boolean processRoles(
741             HttpServletRequest request, HttpServletResponse response,
742             ActionMapping mapping)
743         throws IOException, ServletException {
744 
745         String path = mapping.getPath();
746 
747         if (isPublicPath(path)) {
748             return true;
749         }
750 
751         boolean authorized = true;
752 
753         User user = null;
754 
755         try {
756             user = PortalUtil.getUser(request);
757         }
758         catch (Exception e) {
759         }
760 
761         if ((user != null) && isPortletPath(path)) {
762             try {
763 
764                 // Authenticated users can always log out
765 
766                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
767                     return true;
768                 }
769 
770                 Portlet portlet = null;
771 
772                 String portletId = ParamUtil.getString(request, "p_p_id");
773 
774                 if (Validator.isNotNull(portletId)) {
775                     portlet = PortletLocalServiceUtil.getPortletById(
776                         user.getCompanyId(), portletId);
777                 }
778 
779                 String strutsPath = path.substring(
780                     1, path.lastIndexOf(StringPool.SLASH));
781 
782                 if (portlet != null) {
783                     if (!strutsPath.equals(portlet.getStrutsPath())) {
784                         throw new PrincipalException();
785                     }
786                 }
787                 else {
788                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
789                         user.getCompanyId(), strutsPath);
790                 }
791 
792                 if ((portlet != null) && portlet.isActive()) {
793                     ThemeDisplay themeDisplay =
794                         (ThemeDisplay)request.getAttribute(
795                             WebKeys.THEME_DISPLAY);
796 
797                     Layout layout = themeDisplay.getLayout();
798                     PermissionChecker permissionChecker =
799                         themeDisplay.getPermissionChecker();
800 
801                     if (!PortletPermissionUtil.contains(
802                             permissionChecker, layout.getPlid(), portlet,
803                             ActionKeys.VIEW)) {
804 
805                         throw new PrincipalException();
806                     }
807                 }
808                 else if (portlet != null && !portlet.isActive()) {
809                     SessionErrors.add(
810                         request, PortletActiveException.class.getName());
811 
812                     authorized = false;
813                 }
814             }
815             catch (Exception e) {
816                 SessionErrors.add(request, PrincipalException.class.getName());
817 
818                 authorized = false;
819             }
820         }
821 
822         if (!authorized) {
823             ForwardConfig forwardConfig =
824                 mapping.findForward(_PATH_PORTAL_ERROR);
825 
826             processForwardConfig(request, response, forwardConfig);
827 
828             return false;
829         }
830         else {
831             return true;
832         }
833     }
834 
835     private static String _PATH_C = "/c";
836 
837     private static String _PATH_COMMON = "/common";
838 
839     private static String _PATH_COMMON_ERROR = "/common/error";
840 
841     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
842 
843     private static String _PATH_PORTAL = "/portal";
844 
845     private static String _PATH_PORTAL_CHANGE_PASSWORD =
846         "/portal/change_password";
847 
848     private static String _PATH_PORTAL_ERROR = "/portal/error";
849 
850     private static String _PATH_PORTAL_EXPIRE_SESSION =
851         "/portal/expire_session";
852 
853     private static String _PATH_PORTAL_EXTEND_SESSION =
854         "/portal/extend_session";
855 
856     private static String _PATH_PORTAL_FLASH = "/portal/flash";
857 
858     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
859 
860     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
861 
862     private static String _PATH_PORTAL_LOGIN = "/portal/login";
863 
864     private static String _PATH_PORTAL_LOGIN_CAPTCHA = "/portal/login_captcha";
865 
866     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
867 
868     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
869 
870     private static String _PATH_PORTAL_RENDER_PORTLET =
871         "/portal/render_portlet";
872 
873     private static String _PATH_PORTAL_TCK = "/portal/tck";
874 
875     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
876 
877     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
878         "/portal/update_terms_of_use";
879 
880     private static String _PATH_WSRP = "/wsrp";
881 
882     private static Log _log =
883         LogFactoryUtil.getLog(PortalRequestProcessor.class);
884 
885     private Set<String> _lastPaths;
886     private Set<String> _publicPaths;
887     private Set<String> _trackerIgnorePaths;
888 
889 }